What is claimed is: 

1 . A method, comprising: 

a first machine communicating with a second machine using a protocol that 
sends the first machine's network configuration data in an application data sent to the 
second machine; 

receiving from a network configuration server a network configuration not subject 
to translation by the translating access point; and 

providing according to the protocol said received network configuration to the 
second machine so that said communicating may traverse a translating access point 
which translates network traffic so as to apparently originate from the access point 
without breaking the protocol. 

2. The method of claim 1 , wherein the network configuration data comprises 
a network address, the method further comprising: 

establishing a tunnel with the first machine for receiving network traffic sent to the 
network address. 

3. The method of claim 2, wherein the tunnel is established between the 
network configuration server and the first machine. 

4. The method of claim 1 , wherein the protocol is a selected one of an audio 
protocol, a visual protocol, and audiovisual protocol, and a telecommunication protocol. 



42390.P10851 



-16- 



Patent 



5. The method of claim 1 , wherein the translating access point has a first 
interface communicatively coupled with a first network, and a second interface 
communicatively coupled with a second network, the method further comprising: 

associating a network address with the second interface; 
receiving network traffic from the first machine on the first interface; and 
translating said received network traffic so that it appears to originate from the 
network address associated with the second interface. 

6. A method for communicating through an access point coupling plural 
machines on a first network to a second machine on a second network by translating 
first network traffic so as to apparently originate from the access point, comprising: 

receiving a request for a first address of a first machine on the first network; 

allocating a second address from a server on the second network; 

providing the second network address in response to the request; 

transmitting through the access point at least one network packet comprising a 
packet origin, and a data payload comprising the second network address; and 

translating by the access point of the packet origin so that the network packet 
apparently originates from the access point. 

7. The method of claim 6, further comprising: 

establishing a tunnel between the first machine and the server; and 
the first machine receiving, through the tunnel, network traffic sent to the second 
address. 
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8. The method of claim 7, wherein the access point performs selected ones 
of: network address translation, and port translation on the at least one network packet. 

9. The method of claim 6, further comprising: 

providing a network address translation (NAT) based router between the first 
machine and the second machine so that communication between said first and second 
machines is NAT translated at least once. 

1 0. The method of claim 9, wherein the NAT based router is the access point. 

1 1 . The method of claim 6, further comprising: 

communicatively coupling the server to the second network such that network 
traffic from the server reaches the second network without translation. 

12. The method of claim 1 1 , wherein the second network is the Internet. 

13. The method of claim 6, wherein the packet origin address is the first 
network address. 

14. The method of claim 6, further comprising: 
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executing a networking application program, said program issuing the request for 
the first address of the first machine, and storing said provided second address as the 
data pay load; 

wherein the networking application program is unaware of said translating. 

15. The method of claim 6, wherein the first machine comprises: 
a network interface communicatively coupled to the first network; 

a first memory for storing an operating system providing network services; and 
a second memory for storing a network driver communicatively coupling the 
network interface to said network services, said network driver performing said 
allocating the second address, and providing the second address responsive to the 
request for the first address. 

16. The method of claim 15, further comprising: 

executing a networking application program which issues the request for the first 
address; and 

the network driver providing the second network address responsive to said 
networking application program request. 

17. A method for machines on an internal network to utilize protocols 
embedding machine network addresses within network traffic data when such traffic 
routes through an access point that shares a single address on an external network with 
said machines, the method comprising: 
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receiving first network traffic from a network driver executing on a first machine of 
the internal network, said first traffic having an apparent origin of the single address; 

allocating an external address on the second network; 

providing the external address to a network driver of the first machine; and 

establishing a tunnel through the access point to the network driver so that 
network traffic for the external address is received by the network driver. 

18. The method of claim 17, further comprising: 

receiving second network traffic from an application program executing on the 
first machine, said second traffic having an apparent origin of the access point, and a 
data payload encoding an identified address determined by the application program for 
the first machine. 

19. The method of claim 18, wherein the application program is a 
telecommunication program, the method further comprising: 

contacting by the network driver of a call handling server on the external network, 
said server performing said allocating the external address and establishing the tunnel; 
initiating a call by said program to an endpoint; 
notifying said server of said initiating; 
establishing said call to the endpoint by said server; 
notifying the network driver of success/failure of said establishing; and 
notifying said program of said success/failure. 



42390.P10851 



-20- 



Patent 



20. The method of claim 19, wherein: 

the application program telecommunicates with the network driver; and 
the endpoint telecommunicates with the server. 

21 . A method for a first machine on an local area network (LAN) to 
communicate with a wide area network (WAN) through an access point configured to 
alter LAN network traffic so that it appears to originate from the WAN, the method 
comprising: 

providing layer-based network services including an application layer, a network 
driver layer, and a session layer, wherein said driver is called before said session layer; 

executing an application program configured to identify a first address of the first 
machine, embed said identified first address within network traffic data, and send said 
network traffic data to a communication endpoint; 

providing a WAN address to said program so that said program can embed the 
WAN address within the network traffic data; and 

establishing a first communication session between said program and said driver, 
a second communication session between said driver and the server, and a third 
communication session between the server and the said endpoint. 

22. The method of claim 21 , further comprising: 
contacting a server on the WAN to obtain the WAN address; 
receiving a call setup from said program for the endpoint; 
establishing a call from the server to the endpoint; 
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connecting said program call to said driver; and 

transparently forwarding said program call by said driver to the server. 

23. The method of claim 21 , wherein the session layer comprises the 
5 Microsoft Winsock Application Programming Interface. 

24. The method of claim 21 , wherein said network services are arranged 
according to the ISO/OSI model. 

fiO 25. An apparatus, comprising a readable medium having instructions encoded 

01 thereon for execution by a processor, said instructions capable of directing the 
^ processor to perform: 

[7 communicating by a first machine with a second machine using a protocol that 

f % sends the first machine's network configuration data in an application data sent to the 
lA5 second machine; 

a receiving from a network configuration server a network configuration not subject 

to translation by the translating access point; and 

providing according to the protocol said received network configuration to the 

second machine so that said communicating may traverse a translating access point 
20 which translates network traffic so as to apparently originate from the access point 

without breaking the protocol. 
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26. The apparatus of claim 25, said instructions comprising further instructions 
capable of directing the processor to perform: 

establishing a tunnel with the first machine for receiving network traffic sent to the 
network address. 

27. The apparatus of claim 25, wherein the translating access point has a first 
interface communicatively coupled with a first network, and a second interface 
communicatively coupled with a second network, said instructions comprising further 
instructions capable of directing the processor to perform: 

associating a network address with the second interface; 
receiving network traffic from the first machine on the first interface; and 
translating said received network traffic so that it appears to originate from the 
network address associated with the second interface. 

28. An apparatus for communicating through an access point coupling plural 
machines on a first network to a second machine on a second network by translating 
first network traffic so as to apparently originate from the access point, comprising a 
readable medium having instructions encoded thereon for execution by a processor, 
said instructions capable of directing the processor to perform: 

receiving a request for a first address of a first machine on the first network; 
allocating a second address from a server on the second network; 
providing the second network address in response to the request; 
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transmitting through the access point at least one network packet comprising a 
packet origin, and a data payload comprising the second network address; and 

translating by the access point of the packet origin so that the network packet 
apparently originates from the access point. 

5 

29. The apparatus of claim 28, said instructions comprising further instructions 
capable of directing the processor to perform: 

establishing a tunnel between the first machine and the server; and 
the first machine receiving, through the tunnel, network traffic sent to the second 
HO address. 

30. The apparatus of claim 28, wherein a network address translation (NAT) 
f * based router between the first machine and the second machine translates 

|L communication between said first and second machines. 

H 31 . The apparatus of claim 30, wherein the NAT based router is the access 

point. 



32. The apparatus of claim 28, said instructions comprising further instructions 
20 capable of directing the processor to perform: 

executing a networking application program, said program issuing the request for 
the first address of the first machine, and storing said provided second address as the 
data payload; 



42390.P10851 



-24- 



Patent 



wherein the networking application program is unaware of said translating. 



33. A system for machines on an internal network to utilize protocols 
embedding machine network addresses within network traffic data when such traffic 
routes through an access point that shares a single address on an external network with 
said machines, the method comprising: 

receiving means for receiving first network traffic from a network driver executing 
on a first machine of the internal network, said first traffic having an apparent origin of 
the single address; 

allocating means for allocating an external address on the second network; 

providing means for providing the external address to a network driver of the first 
machine; and 

establishing means for establishing a tunnel through the access point to the 
network driver so that network traffic for the external address is received by the network 
driver. 

34. The system of claim 33, further comprising: 

receiving means for receiving second network traffic from an application program 
executing on the first machine, said second traffic having an apparent origin of the 
access point, and a data payload encoding an identified address determined by the 
application program for the first machine. 
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35. The system of claim 34, wherein the application program is a 
telecommunication program, the system further comprising: 

means for contacting by the network driver of a call handling server on the 
external network, said server performing said allocating the external address and 
5 establishing the tunnel; 

initiating means for initiating a call by said program to an endpoint; 

notifying means for notifying said server of said initiating; 

establishing means for establishing said call to the endpoint by said server; 

notifying means for notifying the network driver of success/failure of said 
10 establishing; and 

j notifying means for notifying said program of said success/failure. 

* 36. An apparatus for facilitating a first machine on an local area network (LAN) 

% to communicate with a wide area network (WAN) through an access point configured to 
15 alter LAN network traffic so that it appears to originate from the WAN, the method 
! comprising: 

means for providing layer-based network services including an application layer, 
a network driver layer, and a session layer, wherein said driver is called before said 
session layer; 

20 means for executing an application program configured to identify a first address 

of the first machine, embed said identified first address within network traffic data, and 
send said network traffic data to a communication endpoint; 



42390.P10851 



-26- 



Patent 



means for providing a WAN address to said program so that said program can 
embed the WAN address within the network traffic data; and 

means for establishing a first communication session between said program and 
said driver, a second communication session between said driver and the server, and a 
5 third communication session between the server and the said endpoint. 

37. The apparatus of claim 36, further comprising: 
means for contacting a server on the WAN to obtain the WAN address; 
means for receiving a call setup from said program for the endpoint; 
0 means for establishing a call from the server to the endpoint; 

means for connecting said program call to said driver; and 
means for transparently forwarding said program call by said driver to the server. 
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